4 Responses

My take on this is that sanity checks are trading development time for debugging time. Since the latter usually takes more effort, it seems logical to favor sanity checks.

However, on every job I’ve been on so far there was a great push to develop on time, typically on an almost impossible schedule. Bug fixing was always taken much less strictly and was kind of a second plan.

So I end up making those sanity checks only in code for other people (a general library or module) and in a few places where I or my coworkers got bitten. It also very often means that the interface is then not very intuitive.

I don’t like how lots of people see type checking as an all or nothing affair. Why should I use a static language when I want to do thorough type checking at my boundaries (public facing functions)? I should be able to provide my library users with good error messages as early as possible without being accused of trying to turn Perl into Java or Haskell.

@Roman – a couple of points on your points… firstly, I agree with you that modules used by more people (usually more generic modules), in general should have better argument checking.

Secondly, often if I pass the wrong type of argument into a function, it gets picked up when I try to use it. For example, if I call prepare on an argument that isn’t a database handle, I get a fatal error at that line. As my functions are usually pretty small, I can immediately see what I’ve done wrong without an additional sanity check on the argument list.

@Dave – Hmmm… this kind of typeful programming is available even to mainstream languages like Java and C++. It isn’t the preserve of the Haskell-using elite.

And sanitising an age argument to ensure it is a positive number is hardly defensive. It doesn’t protect against argument inversion if I’m passing a couple of non-numbers, one of which isn’t an age. But wouldn’t it have been great if Ada had won and we could easily specify restricted subtypes of primitives that were checked by the compiler?

@Michael – I’m not sure whether you’re agreeing with me or not. My point is not that you shouldn’t sanitise arguments (whether that be in the defensive way I’ve illustrated here, or the soft way that Dave advocates above). I don’t really care how you code. What I do care about is when people say stuff like “if you don’t sanitise your arguments, I don’t want to work with you”.

Having said that, if you are specifying all your types precisely as I’ve indicated here, why wouldn’t you use Java and get greater speed, better tools, and in general support from the compiler for this style of programming?
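An added example, not from the post or any of the commenters, of the boundary check the thread keeps circling back to: a public library function that rejects a non-handle and a bad age at the call site, with Carp reporting the caller’s line rather than a line inside DBI. `find_users_by_age` is hypothetical and the database handle is a constructed stand-in so the script runs without a database.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Carp qw(croak);
use Scalar::Util qw(blessed);

# Hypothetical public-facing library function: the boundary where the
# thread argues argument checks pay for themselves.
sub find_users_by_age {
    my ($dbh, $age) = @_;

    # Check the handle first. Without this, a wrong first argument only
    # fails later, inside prepare, with a message about the wrong line.
    croak "find_users_by_age: first argument must be a database handle"
        unless blessed($dbh) && $dbh->can('prepare');

    # Age must be a non-negative integer. As Michael notes, this does not
    # catch argument inversion when both arguments happen to be numbers.
    croak "find_users_by_age: age must be a non-negative integer, got '"
        . (defined $age ? $age : 'undef') . "'"
        unless defined $age && $age =~ /\A\d+\z/;

    my $sth = $dbh->prepare('SELECT name FROM users WHERE age = ?');
    $sth->execute($age);
    return $sth->fetchall_arrayref;
}

# Constructed stand-in for a DBI handle so the example runs offline.
package FakeDbh;
sub new     { bless {}, shift }
sub prepare { my ($self, $sql) = @_; return bless { sql => $sql }, 'FakeSth' }
package FakeSth;
sub execute           { 1 }
sub fetchall_arrayref { [ ['alice'] ] }
package main;

my $dbh = FakeDbh->new;
print "ok: @{ $_ }\n" for @{ find_users_by_age($dbh, 42) };

# Each bad call is rejected at the boundary; croak points at this loop,
# not at the prepare/execute lines inside the library.
for my $bad ([ 42, $dbh ], [ $dbh, -1 ], [ $dbh, 'forty' ]) {
    eval { find_users_by_age(@$bad); 1 } or print "rejected: $@";
}
```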